As the 2018 midterms proceed, there are still significant risks
to the integrity of the voting system – and information warfare
continues to try to influence the American public’s choices when they
cast their ballots.

However, not all the election-related news and information voters
have been encountering in recent days and weeks is accurate, and some of
it is deliberately misleading. As this election’s results come back,
they will reveal whether the misinformation and propaganda campaigns
conducted alongside the political ones were effective.

Securing election systems

America’s electoral process remains highly fragmented, because of the
country’s cherished tradition of decentralized government and local
control. While this may leave some individual communities’ voting
equipment potentially vulnerable to attack, the nation’s voting process
overall may be more trustworthy as a result of this fragmentation. With
no unified government agency or office to provide, administer and
protect election technologies, there’s not one central national element
that could fail or be attacked.

Beyond voting machines

Election security is about much more than voting machines and
vote-counting systems, though they are the most visible technologies at
work on Election Day. State systems that track voter registrations, or
allow users to register online, are enticing targets for hackers, too.
Security firm Carbon Black reported that 81 million voter records from 20 states
are available in online forums. This data, obtained by hacking various
official and corporate databases, could be used to facilitate voter
fraud or sow confusion at polling places on Election Day: How would you
feel if you were told that someone using your name and address had
already voted?

There are security concerns even in states like Oregon, where
everyone votes on paper and mails in their ballots in advance of
Election Day. That state’s election officials were targeted by hackers seeking to gain access to state email and database systems.
With that access, attackers might be able to digitally impersonate a
government official to send false or confusing emails, press releases or
other notifications to citizens, journalists or poll workers.

Also at risk are public-facing official websites that carry election
information. Merely changing the reported location of polling places or
voting hours could prevent some people from voting. Also vulnerable are
states’ methods of announcing preliminary election results. At a major
internet security conference in August, children were able to compromise
replicas of several states’ election-reporting systems. The most
remarkable was that in just 10 minutes, an 11-year-old boy cracked the security
on a copy of the Florida secretary of state’s website and was able to
change the publicly announced vote totals for candidates. That could be
enough to cast doubt on whatever was later reported as the official
results – and the integrity of the system itself.

Looking ahead

Protecting democracy is a huge challenge. I’ve written before that it involves more than technical solutions
to computer problems. The U.S. government, and the people it serves,
must find the desire and the drive to establish secure and trustworthy
procedures for running elections across the country. Education is also
key, teaching people from an early age how to recognize propaganda and
misinformation, and think critically about the information they
encounter. Facts are not subject to alternative views; without
widespread agreement on common objective realities, society and
government cannot function well.

Many of these problems will not have a clearly defined fix, because
they involve a nuanced balancing of individual rights and social
necessities. Real and lasting solutions must come from civil discourse
by rational and objectively informed people who have, above all, the
actual honest desire to do it right.